popup

Cyber Threat Trends

  1. Day Week

Gemelli flickerflypro flickerfly

Summary: 2025/04/28 23:57

First reported date: 2010/05/28
Inquiry period : 2025/03/29 23:57 ~ 2025/04/28 23:57 (1 months), 117 search results

전 기간대비 30% 높은 트렌드를 보이고 있습니다.
전 기간대비 상승한 Top5 연관 키워드는 CVE Vulnerability Exploit Malware Update 입니다.
공격기술 APT hijack 도 새롭게 확인됩니다.
기관 및 기업 North Korea AhnLab SECUI dprk 도 새롭게 확인됩니다.
기타 MITRE CrushFTP FortiGate Ivanti IoT 등 신규 키워드도 확인됩니다.

The Common Vulnerabilities and Exposures (CVE) system provides a reference method for publicly known information-security vulnerabilities and exposures.

CVE(Common Vulnerabilities and Exposure)는 공개적으로 알려진 소프트웨어의 보안취약점을 가리키는 고유 표기

 * 최근 뉴스기사 Top3:
    ㆍ 2025/04/28 NVIDIA Riva Vulnerabilities Leave AI-Powered Speech and Translation Services at Risk
    ㆍ 2025/04/25 DslogdRAT Malware Deployed via Ivanti ICS Zero-Day CVE-2025-0282 in Japan Attacks
    ㆍ 2025/04/25 Commvault Command Center Path Traversal Vulnerability (CVE-2025-34028)

Trend graph by period


Related keyword cloud
Top 100
# Trend Count Comparison
1CVE 117 ▲ 35 (30%)
2Vulnerability 116 ▲ 34 (29%)
3Exploit 39 ▲ 1 (3%)
4Malware 33 ▲ 7 (21%)
5Update 33 ▲ 6 (18%)
6RCE 26 ▲ 20 (77%)
7CISA 22 ▲ 16 (73%)
8CVSS 22 ▼ -2 (-9%)
9Alert 19 ▲ 7 (37%)
10Report 18 ▲ 6 (33%)
11Critical 13 ▲ 2 (15%)
12program 13 ▲ 12 (92%)
13Software 12 ▲ 2 (17%)
14attack 12 ▼ -8 (-67%)
15MITRE 11 ▲ new
16Government 10 ▲ 9 (90%)
17Operation 9 ▲ 2 (22%)
18Remote Code Execution 9 ▼ -19 (-211%)
19flaw 8 ▲ 5 (63%)
20Windows 8 ▼ -1 (-13%)
21ZeroDay 8 ▼ -6 (-75%)
22hacking 7 ▲ 4 (57%)
23intelligence 7 ▼ -3 (-43%)
24Remote 7 ▲ 3 (43%)
25securityaffairs 6 ▲ 4 (67%)
26CrushFTP 6 ▲ new
27target 6 ▼ -7 (-117%)
28GitHub 6 ▲ 1 (17%)
29Fortinet 6 ▲ 5 (83%)
30PoC 6 ▲ 2 (33%)
31Microsoft 5 ▼ -2 (-40%)
32Campaign 5 ▲ 4 (80%)
33ThreatProtection 5 ▲ 1 (20%)
34MWNEWS 5 ▲ 2 (40%)
35wild 5 ▲ 4 (80%)
36FortiGate 5 ▲ new
37access 5 - 0 (0%)
38Cisco 4 - 0 (0%)
39Ivanti 4 ▲ new
40DDoS 4 ▲ 2 (50%)
41Supply chain 4 ▲ 1 (25%)
42Apache 4 ▼ -4 (-100%)
43NortonLifeLock 4 - 0 (0%)
44IoT 4 ▲ new
45Java 4 ▲ 1 (25%)
46Funding 4 ▲ new
47SSH 3 ▲ new
48Linux 3 - 0 (0%)
49Register 3 ▲ new
50code 3 ▼ -1 (-33%)
51NTLM 3 ▲ new
52Exploitation 3 ▲ new
53Google 3 ▼ -2 (-67%)
54WhatsApp 3 ▲ new
55contract 3 ▲ new
56NIST 3 ▲ 2 (67%)
57Command 3 ▲ new
58LinkedIn 3 ▲ new
59CVEs 3 ▲ new
60file 2 ▲ new
61ErlangOTP 2 ▲ new
62North Korea 2 ▲ new
63AhnLab 2 ▲ new
64cti 2 ▲ new
65Old 2 ▲ new
66APT 2 ▲ new
67available 2 ▲ new
68extension 2 ▲ new
69continuity 2 ▲ new
70MITREs 2 ▲ new
71CISAs 2 ▲ new
72SECUI 2 ▲ new
73Allows 2 ▲ new
74dprk 2 ▲ new
75Active 2 ▲ 1 (50%)
76DYEPACK 2 ▼ -2 (-100%)
77Docker 2 ▲ new
78United States 2 - 0 (0%)
79disclosure 2 ▲ new
80NVIDIA 2 ▲ new
81hijack 2 ▲ new
82Vite 2 ▲ new
83recent 2 ▲ new
84Execution 2 ▲ 1 (50%)
85vulnerable 2 ▲ new
86Telegram 2 ▲ new
87Larva 2 ▲ new
88overflow 2 ▲ new
89randomquery 2 ▲ new
90Gladinet 2 ▲ new
91Education 2 ▲ 1 (50%)
92Password 2 - 0 (0%)
93httpstcopbHM 2 ▲ new
94SAP 2 ▲ new
95href 2 ▲ new
96SHODAN 2 ▼ -1 (-50%)
97Mandiant 2 ▲ 1 (50%)
98amp 2 - 0 (0%)
99Secure 2 ▲ new
100unauthenticated 2 ▲ 1 (50%)
Special keyword group
Top 5
Malware Type
Malware Type

This is the type of malware that is becoming an issue.

Keyword Average Label
DYEPACK
2 (33.3%)
NetWireRC
1 (16.7%)
BlackSuit
1 (16.7%)
DslogdRAT
1 (16.7%)
Vawtrak
1 (16.7%)
Attacker & Actors
Attacker & Actors

The status of the attacker or attack group being issued.

Keyword Average Label
Attack technique
Technique

This is an attack technique that is becoming an issue.

Keyword Average Label
Exploit
39 (41.5%)
RCE
26 (27.7%)
Remote Code Execution
9 (9.6%)
hacking
7 (7.4%)
Campaign
5 (5.3%)
Country & Company
Country & Company

This is a country or company that is an issue.

Keyword Average Label
CISA
22 (33.3%)
Government
10 (15.2%)
Fortinet
6 (9.1%)
Microsoft
5 (7.6%)
Cisco
4 (6.1%)
Threat info
Last 5

SNS

(Total : 75)
  Total keyword

CVE Vulnerability Exploit Attacker Update CVSS RCE hacking CISA ZeroDay attack Report Malware Windows Remote Code Execution PoC Fortinet North Korea Telegram WhatsApp hijack dprk APT AhnLab Microsoft SSRF DDoS SECUI Cisco Campaign SHODAN iPhone Password Email ChatGPT Education WordPress ...

No Title Date
1Hunter @HunterMapping
????Alert???? two new vulnerabilities in React Router CVE-2025-43864: DoS via cache poisoning by forcing SPA mode CVE-2025-43865: Pre-render data spoofing on React-Router framework mode ????PoC from @zhero___ & @inzo____ : CVE-2025-43864:https://t.co/hfhSnQ6p8F https://t.co/pTwRxdMNwf		2025.04.28
2Hunter @HunterMapping
????Alert???? CVE-2025-31324(CVSS v3 score: 10.0):Critical SAP NetWeaver Zero-Day Vulnerability ????EXP : https://t.co/rffC5FzOf3 ????23K+ Services are found on the https://t.co/ysWb28Crld yearly. ????Hunter Link:https://t.co/GaOcRgCFh8 ????Query HUNTER : https://t.co/q9rtuGgxk7="SAP https://t.co/LH		2025.04.27
3Hunter @HunterMapping
????Alert???? CVE-2025-32432:Craft CMS Allows Remote Code Execution ????EXP : https://t.co/SjQRk5TZLC ????997.9K+ Services are found on the https://t.co/ysWb28Crld yearly. ????Hunter Link:https://t.co/CF2MvxksAI ????Query HUNTER : https://t.co/q9rtuGgxk7="Craft CMS" FOFA https://t.co/GgDFwrqpRx		2025.04.27
4The Hacker News @TheHackersNews
???? Hackers could be one path away from your sensitive files! ???? New CVEs expose major flaws in Rack & Infodraw systems: ???? CVE-2025-27610 lets attackers read config files & credentials via path traversal. ???? Infodraw CVE-2025-43928 allows any file to be read or deleted—no https://		2025.04.25
5Cyber_OSINT @Cyber_O51NT
Cybersecurity researchers reported three vulnerabilities in Rack::Static, potentially allowing attackers to access files and tamper with logs; CVE-2025-27610 is noted with a CVSS score of 7.5. #Cybersecurity #Ruby #DataBreach https://t.co/acMa17y088		2025.04.25

News

(Total : 42)
  Total keyword

Vulnerability CVE Malware Exploit Update RCE CISA Report CVSS Software Attacker Government Operation attack intelligence GitHub target Remote Code Execution Supply chain IoT Windows ZeroDay Linux Campaign NIST Microsoft Java LinkedIn CVEs Fortinet DYEPACK Cisco Commvault United States PoC DDoS Google VPN Red Hat hacking BlackSuit Distribution DslogdRAT Japan NetWireRC Vawtrak WhatsApp Docker DNS Ubuntu NSA Education Qualys Europe ...

No Title Date
1NVIDIA Riva Vulnerabilities Leave AI-Powered Speech and Translation Services at Risk - TrendMicro2025.04.28
2DslogdRAT Malware Deployed via Ivanti ICS Zero-Day CVE-2025-0282 in Japan Attacks - The Hacker News2025.04.25
3Commvault Command Center Path Traversal Vulnerability (CVE-2025-34028) - FortiGuard Labs2025.04.25
4CVE-2025-34028: PoC Released for Critical RCE Vulnerability in Commvault Command Center - Malware.News2025.04.25
5159 CVEs Exploited in Q1 2025 — 28.3% Within 24 Hours of Disclosure - The Hacker News2025.04.24

Additional information

Level Description
warning File has been identified by 29 AntiVirus engines on VirusTotal as malicious
watch Communicates with host for which no DNS query was performed
watch Resumed a suspended thread in a remote process potentially indicative of process injection
notice Allocates read-write-execute memory (usually to unpack itself)
notice An application raised an exception which may be indicative of an exploit crash
notice Changes read-write memory protection to read-execute (probably to avoid detection when setting all RWX flags at the same time)
notice Performs some HTTP requests
notice Uses Windows utilities for basic Windows functionality
notice Yara rule detected in process memory
info One or more processes crashed
Network ET INFO TLS Handshake Failure
Network SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
No data
No data
Beta Service, If you select keyword, you can check detailed information.